Hello IA consultants out there! If you’ve benchmarked/baseline Key report testing, ITACs/ITGCs, please share your thoughts. 1) what was your rationale behind this? 2) how did you convince management and external auditors this is the way to go 3) how many hours per control or key reports was saved? What was the % of total hours saved? 4) how did you ensure your audit fees were not reduced due to the hours saved?

like
Posting as :
works at
You are currently posting as works at

For key report testing, I have looked at the scripts that are used to run the reports. If there has been no change to the script for years, we have been able to persuade all parties that the report can be benchmarked. The first year you benchmark, you still have to go through the full testing process but after that, you can just confirm that the script is unchanged year over year.

like

Thanks for your response and example. Does this procedure apply to all types of key reports (standard vs. third party vs. custom) or are there different procedures you’ll perform based on the type of report? This is a “new” SEC company going into its 4th year of SOX testing. How established does the company SOX program have to be to determine the script have not changed year over year?

Benchmarking guidelines have gotten really strict lately with the increased focus on completeness and accuracy considerations. Overall, if you can prove that underlying code/logic of the setup of the report hasn’t changed, you can continue to leverage the testing done the first time for three years. The only benefit is that you don’t need to test the code logic again once you baseline it. But you still need to test the front end parameters applied and check that the output wasn’t modified etc. so not too much savings

like

I’m new to the firm and kinda asked around and there isn’t a guideline. I’m also not an IT auditor so just trying to gather as much info as I can before i speak with the IT folks who actually do the work.

Can you elaborate a bit more on what you mean by benchmarking or baselining KRs, ITACs, or ITGCs?

Obtaining a change management log for the systems involved and relying on PY testing - which will be used as the baseline year - for the next 3 or so years as long as there’s been no changes to the system logic

Related Posts

Name the reaction you get when you tell dates you’re a lawyer:

like

Has anyone flown the Chicago - Delhi United flight? How has your experience been?

like

What are your new year beaty & wellness resolutions?

like

Venting a bit: Are you finding DEI groups at work overrun with allies. Is there also an increase in celebrating said allies? Is it just me?

Most of the groups I'm in (esp. event teams) are being taken over by allies wanting to do what they think should be done to 'celebrate' whatever topic the month is, usually speaking over marginalized coworkers and rarely consulting with them. It seems like the only time this doesn't happen is for gay (usually yt) men or BHM. I'm just feeling so...minimized.

Hello
I have joined Nagarro in oct
Want to transfer my pf fund from my old organisation. Where can I find pf account details which nagarro has created ?
Please help

like

Will Accenture do mass firing without any cause....!?

like

Has anyone moved from EB2 to EB1 category? Experiences? I have an approved EB2 I-140 but will be eligible for EB1 (worked outside US as manager for 1.5 yrs)

For those who exited from consulting into pharma, how did you find your role? LinkedIn recruiters contact me about consulting roles and applied for a few pharma positions but have not heard back.

like

Big law real estate associates, 2-5 year: what’s a day in the life? What are you working on? How does it compare to what your M&A or securities colleagues are doing?

likesmart

Are there any scholarship opportunities or aid available to students taking the PMP? My university does not have any and I’m interested in taking the exam. TIA

What is the salary range for university graduate - data scientist roles at Tiktok(US)?

What is the first coding language that you have learnt?

likehelpful

Twitter, Meta, Amazon and many other tech firms recently laying off workers. What’s really going on? Is the tech boom gradually dwindling post Covid?

likesmart
like

Pretty stoked to try out this private select this weekend. I’ve had 4 different ones, and they have all actually been unique enough for this amateur pallet to tell a difference. Last bottle left at the local store. Cheers to one more day left of the work week folks!

Post Photo
like

How is the layoff at Eli Lilly?
Are they kicking out people because of free insulin tweet?

@lilly @Eli Lilly

Hello All,

I am Shabrish currently working as MS SQL DBA with 2.5 years of experience and seeking for new opportunity, It would be really great help if anyone can refer to this role.
Thanks and Regards,
Shabrish N R

like

Anyone from DELOITTE or SUTHERLAND?

like

Additional Posts in Risk Assurance

How realistic is going from newly promoted senior to manager in private? Is this a realistic jump or are most places looking for more experience? I want to get out of public but I’m not sure if I should suck it up until I can snag a risk/IA manager job or try to go do something else now.

like

Hi! Does any one know if their firm is still hiring entry level/associate positions?

likefunny

Has anyone taken the CISA with little prep / could you share tips to cram and pass?

like

How is The Risk/Reg Comp practice at RSM specifically the AML/Financial Crime team?

like

So to everyone staying in the newly rebranded DAT, I'm curious what you think our long-term exit ops will looks like. Under RA it was possible to leverage some work in ICRS or non-audit clients as "consulting work" but we're basically losing that bridge as far as I understand. I'd like to still think there's opportunities outside of just IT Audit waiting for me but have my doubts.

like

Let's get this bowl going again! Where's everyone from? I'm based in NYC

like

If I'm a cpa, is there any other cert that's worth it?

like

Does anyone else feel bad when the firm sells risk assurance as consulting to students?😂😭

likefunny

If I put in my two weeks during the Christmas break, will they terminate me immediately?

like

I do ERP Advisory type work within PwC DRS. How can I move to PwC Advisory ?

Had mid-year reviews last week. As a senior reviewing the staff, management said no staff are ready for senior promotion. Doesn’t this look bad on management that they can’t promote from within?

That moment you open a walkthrough to clear review notes., only to find that past you has already cleared most of them 💙

likefunny

Does anyone know about Deloitte’s Securitization risk advisory? Is that a good opportunity or easily be pigeon holed?

like

Exit opportunities for Risk Assurance / DAT? I feel like what we do is so concentrated - what’s one thing we can market ourselves as having experience in?

like

What is starting salary range for a senior manager risk assurance nyc?

like

Interviewing with Grant Thornton for a Business Risk and Controls Senior role. Can anyone here give me tips? Grant Thornton

like

will an FRM certification help me to move from Risk assurance to risk consulting? Currently work in b4 as an a1 and would like to potentially move to advisory in the future

like

Are the exit opportunities better in Internal Audit/Business Process than IT Audit? All I hear is how awful IT Audit is but don’t hear as much complaining from the business side

like

I was on a call today, with some clients, with regards to some evidence I need, as part of my testing. The client lead I report to, is OOO for a few days, so she was not on the call. And I was the only one from PwC. I’m having meetings with these particular clients only in the context of my current control. One of them had been rude to me on a previous call and was quite passive aggressive on emails to me. But I ignored those instances and kept communications with him to a minimum. Contd..

like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal